Package: xulrunner
Version: 1.9.1.5-2
Severity: important
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xulrunner.

CVE-2008-5913[0]:
| An unspecified function in the JavaScript implementation in Mozilla
| Firefox creates and exposes a "temporary footprint" when there is a
| current login to a web site, which makes it easier for remote
| attackers to trick a user into acting upon a spoofed pop-up message,
| aka an "in-session phishing attack." NOTE: as of 20090116, the only
| disclosure is a vague pre-advisory with no actionable information.
| However, because it is from a well-known researcher, it is being
| assigned a CVE identifier for tracking purposes.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5913
    http://security-tracker.debian.org/tracker/CVE-2008-5913



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to